Electronic Signatures and Aras Authentication

The Aras Innovator workflow engine has many options and features that enable the modeling of robust business processes in PLM. One of the options available is the capability to authenticate users before they can complete an activity. You may be asking, why would I want to authenticate a user in a workflow? Or, isn’t supplying a username and password when the user starts Innovator sufficient?  In many cases, enabling authentication in workflow is not necessary and login authentication is sufficient to monitor workflow activity actions.  However, some activities represent approvals or legal acknowledgments and can result in the release of parts (items), BOMs, and documents.  Depending on your business and your PLM strategy, these activities may require additional authentication to be in alignment with regulatory compliance requirements for providing electronic signatures. 

In the simple workflow shown, after the user performs the tasks associated with the Audit activity, s/he has to choose the Release path to complete the workflow.

Workflow paths can be configured with an Authentication property.  The property can have one of three values: None, Password, or E-Signature. To set the Authentication mode, Open and Lock the Workflow Map, then select the appropriate Workflow Map Path.  The following screen would be the result:

An authentication type of None allows the user to select the path and submit the activity vote without any kind of additional authentication challenge.  The Password and E-Signature values will force the user to provide credentials to complete the activity (effectively providing an electronic signature).  Based on the setting for the path, the availability of the fields in the authentication section of the voting dialog will be toggled.  The screen below shows that the path requires an electronic signature to be input before the user will be able to complete the Release as the E-Signature field is not grayed-out.

When considering the use of authentication in workflow, Password and E-Signature authentications are the same in function but with a different administrative characteristic.  The Password authentication uses the standard Innovator login, which administrators have access to set.  However, some regulatory bodies that define compliance guidelines require that administrators cannot have access to credentials that are used for a second challenge.  Because electronic signatures in Innovator are controlled by the users, not an administrator, they may be used to help fulfill these stricter guidelines.  Checking with your organization’s regulatory compliance officer would be the first step in determining if Innovator’s implementation of Password or E-Signature authentication provides value to your processes.

Another thing to consider when choosing workflow authentication mechanisms is if your Innovator environment is using system login authentication mechanisms other than Aras Innovator. For example, like most major PLM systems, Innovator can be configured to authenticate to an Active Directory or LDAP server to determine if the user’s credentials are correct.  If your Innovator environment is configured to use AD or LDAP, you must use the E-Signature methodology on your workflow paths if additional authentication is required.

If you have any questions regarding authentication or other workflow functionality in Innovator, please contact us.

Tags: , , , , , , ,

Read more posts by

This entry was posted on Thursday, November 4th, 2010 at 1:05 pm and is filed under Aras Innovator, Industry Insider, Product Lifecycle Management. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.